McAfee fails the Conficker test

McAfee fails the Conficker test

Summary: The hysteria over the Conficker worm is reaching a fever pitch, with mainstream media doing their bit to whip Windows users into an unjustified panic. The trouble with virus scares in general is that they do a wonderful job of driving people directly into the arms of rogue security vendors. So what's a confused consumer to do when one of the largest security companies in the world creates a website filled with sloppy mistakes that make it look exactly like a rogue vendor?

SHARE:
TOPICS: Security
129

Update: 31-Mar, 4PM PDT: McAfee has corrected the errors on the web pages associated with its Stinger downloads. Joris Evers, McAfee's director of worldwide PR, writes via e-mail: " It's unfortunate that you don't like the way we present the Conficker information on our Web site, but there is a lot out there including a front page banner that leads to a landing page that went live early this week." He points to the company's main landing page for Conficker information, which contains a link to a Conficker-specific version of the Stinger tool, and to a 15-page PDF document entitled "Finding W32/Conficker.worm," He also notes that McAfee's Avert Labs has "blogged numeroius times about conficker."

The hysteria over the Conficker worm is reaching a fever pitch, with mainstream media doing their bit to whip Windows users into an unjustified panic over something that will affect a tiny fraction of the user community, made up almost entirely of people who were too stupid or negligent to apply a Windows patch issued nearly six months ago.

Ironically, many security professionals are in the amusing position of having to tamp down the hysteria. See, for example:

The trouble with virus scares is that they do a wonderful job of driving people directly into the arms of rogue security vendors (thank you, F-Secure). What makes this phenomenon even worse is when one of the largest security companies in the world creates a website filled with sloppy mistakes that make it look exactly like a rogue vendor.

Yes, I’m talking about you, McAfee. Let’s go through the list.

For starters, McAfee’s W32/Conficker.worm information page is hosted at a very strange URL: http://vil.nai.com/vil/content/v_153464.htm. Now, an old-timer like me will remember that McAfee Inc. used to be Network Associates, Inc. (NAI) until about five years ago. So I didn't find that nai.com domain too alarming. But a casual computer user certainly won't know that obscure bit of corporate history, and the McAfee logo and name are splashed all over that page, even though the domain name is completely unrelated. You know, like rogue security sites do.

On its home page, under a bold red “BREAKING ADVISORY” head, McAfee has also helpfully noted that it has “posted a W32/Conficker-specific version of our Stinger tool.” Following that link takes you to the Avert Tools download page and then to a download page for the tool itself (many third-party sites link directly to this page). Like the  Conficker info page, the Stinger download page is hosted at nai.com even though the McAfee name is the only one used on the page. One IT pro I spoke with was convinced this was a bogus download after he went to the Stinger page, clicked the About Us link, and saw … well, see for yourself:

Sloppy website design or a rogue site? If you’re a nervous Windows user who’s been told that the world’s most dangerous computer worm is going to strike tomorrow, do you trust this site? Me neither.

And as long as we’re picking on sloppy web designers, take another look at the McAfee Secure logo in the upper right corner of that page. According to the logo, this page was last tested by the McAfee Secure service on November 5 (2008, I presume, but who knows?). For the record, that’s nearly five months ago. McAfee’s home page carries a current date in this spot.

Security is serious business, and details matter. When a company as large as McAfee is this sloppy with its public response to a high-profile issue, it makes you wonder how tightly the engineering, development, and support sides of the business are being operated.

My advice: If you're looking for a reliable source of security information, skip McAfee.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

129 comments
Log in or register to join the discussion
  • Reliable Security Source

    Well... I skip McAffee entirely :) (even if they are "free" from Comcast). McAffee is in the same league as Norton - Sucks. VIPRE is the best Anti-virus/Anti-spyware solution I have found.

    More proof that a 'major' vendor can't be trusted to be a good steward of $$$.
    JT82
    • Reliable Security Source

      Well, I skip Windows entirely because Microsoft have failed the Conficker test! ;-)
      Amelioration
      • Oh snap

        I see. So, releasing a patch for the vulnerability BEFORE the Conficker exploit was in the wild is a "failure"?

        You'll have to do better than that.
        Ed Bott
        • I have done better than that.

          I'm using Ubuntu Jaunty Jackalope.
          Amelioration
          • Waiting here...

            ...for Lame Llama. Or maybe Myopic Meerkat.
            Ed Bott
          • or...

            Negativistic Naysayer
            wormtowndj
          • Wormful Windows ...

            then there's no waiting ;-)
            Amelioration
          • So would you agree

            that if someone gets a worm, virus or any other attack on an unpatched copy of Ubuntu (doesn't matter what kernel they're using), then Ubuntu, in general, is not secure?

            Nevermind that I I'm not convinced Linux could survive unscathed if all the crimeware architects and engineers focused their efforts on it (but they won't, because so few use it, it's not worth the effort), instead of Windows.

            Ubuntu is for Developers, IT workers and embedded systems. It's not for mom and pop (even though my 70 something mom is more computer savvy than most people)....some day it may get there, if enough HCI R&D is done.

            notsofast
          • just downloaded the "latest" Stinger & it's old!



            Ran the executable and this greeted me in red text:

            This product is outdated.
            Please go to http//vil.nai.com.vil/stinger for an update.

            Gee, that's where I just got this "outdated" version, but, sure enough, it was created on Jan10, 2009!

            Obviously, many at McAfee aren't paying any attention to the idiotic and amateurish image they project by such negligence.

            ITSecurityGuy
          • pulsating platypus here... (nt)

            =D
            pgit
          • Or maybe Titilated Trouser Trout...? n/t

            n/t
            Wolfie2K3
          • Yeah - I tried Ubuntu...

            Then I decided I needed to get some real work done and went back to Windows.

            There are two kinds of people, those who think the solution to finding ants in the kitchen is to blow up the house - and those who buy a can of Raid.

            Clearly you (and the previous US government) are in the former group.
            TheWerewolf
          • You can't get work done on Ubuntu?

            Shows either how little you know, or how utterly and completely dependant you are on closed source developers to enable you to feel as though you are "working".

            Pray tell, what is it that you cannot achieve on Ubuntu? We'll be willing to help you ;-)
            Amelioration
          • Or you could use boiling water, which is free...

            ...(apart from the cost to boil of course), and what else is free...wait for it....yup you guessed it...Linux!

            Sorry just had to reply, I use XP, Win 7 Beta, & Ubuntu and have no wish to start a flame war.

            All 3 work great for me to do my work as a Developer so I'm happy!
            DevJonny
          • What was it exactly that you found was missing in Ubuntu?

            Decent support to play world Of Warcraft?

            Your favorite malware?

            Or was it that special plugin to watch your favorite porn?
            InAction Man
          • Lotsa half-baked software

            Ubuntu comes with a huge assortment of free software, but much of it is rather raw compared to its Windows and Apple equivalents -- lacking features, buggy, or with arcane user interfaces that make me go back to my old Windows system again and again. Although Linux has come a long way in the last 10 years, it still lags far behind the mainstream user's needs. (I'm writing this comment on an Ubuntu 8.10 computer.)
            Tony R.
          • What a good little surfer!

            Using Jaunty Jackalope, hows Photoshop work on that? Oh right you have GIMP a cruel but accurate name for such a miserable product. Stick with you Linux, if you don't need much you wont be disappointed.
            marks055@...
          • Photoshop? Is that the only arrow in your quiver?

            I don't need Photoshop. I'm not a graphic designer.

            I do everything - EVERYTHING - that makes up secure, modern, database driven web sites, except for the polished graphics.

            In my profession, I don't know ONE developer who is considered good who uses Windows. That's 100% true.
            Amelioration
          • Good developers, you say?

            Maybe that's because you aren't one. I say this because the developer's expertise is unrelated to the OS they happen to be typing on. Anyone wo says people that use a particular OS are all bad developers is ... misinformed, to say the least. I use Windows to create (except when I use a Mac), and I host on Linux. I try to test in Chrome, IE, Firefox, Opera, and Safari.

            On Linux: product updates are slightly more complicated. Command-line is still necessary for some tasks. End-user products (those that casual users typically work with) are not available or are different. How about InDesign (page layout)? Not every printer or scanner is going to work on Linux.

            A modern web site without polished graphics isn't modern.

            Accept all OSs. You don't have to like them. You don't have to use them. But saying someone is not a good developer because they use a particular OS is the same as saying they aren't a good developer because their skin is a different color than yours.

            To be a good developer, you need to understand graphics, even if you don't create them. Photoshop is widely used. A good developer would know how to use it, even if they don't use it in their work.
            jl2009
          • Take away Photoshop and what do they have?

            Some of these people who use it seem to think the whole rest of the world uses it too. Well guess what...

            ~

            [i]In my profession, I don't know ONE developer who is considered good who uses Windows. That's 100% true.[/i]

            Now that I disagree with. Much as I can't stand Windbloze, I'm not gonna blame developers who [b]have[/b] to use it in order to get their jobs done. Even I have to use it in order to get my job done. Thank God, it's not Vista, though.
            hasta la Vista, bah-bie